15 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-2775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. dot d...
SUSE: Security Advisory (SUSE-SU-2019:13924-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-1153)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : mailman (ALAS-2015-582)
It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. CVE-2015-2775 It was found that mailman stored private email messages in a world-readable directory. A local user...
RHEL 6 : mailman (RHSA-2015:1417)
Updated mailman packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...
RedHat Update for mailman RHSA-2015:1417-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mailman FEDORA-2015-5333
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : mailman (ELSA-2015-1153)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2015-1153 advisory. - fix CVE-2015-2775 - directory traversal in MTA transports Tenable has extracted the preceding description block directly from the Oracle Linux security...
RedHat Update for mailman RHSA-2015:1153-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
mailman security and bug fix update
3:2.1.15-21 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.15-20 - fix 1107652 - do not install patch backup files in documentation 3:2.1.15-19 - fix 1188043 - set 2775 permission only for /etc/mailman 3:2.1.15-18 - fix 1107652 - add support for DMARC - fix 1180981 - install...
MGASA-2015-0205 Updated mailman packages fix security vulnerabilities
Updated mailman packages fix security vulnerability: A path traversal vulnerability was discovered in Mailman. Installations using a transport script such as postfix-to-mailman.py to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully...
Updated mailman packages fix security vulnerabilities
Updated mailman packages fix security vulnerability: A path traversal vulnerability was discovered in Mailman. Installations using a transport script such as postfix-to-mailman.py to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully...
Fedora 21 : mailman-2.1.20-1.fc21 (2015-5216)
Update to new version 2.1.20. Fix dependency on python-dns. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2015-2775
CVE-2015-2775 is a directory traversal vulnerability in GNU Mailman up to version 2.1.19, exploitable via a leading .. in a list name when not using a static alias. The underlying issue is improper validation of list-name input, enabling remote attackers to execute arbitrary files. Impact is remo...
[SECURITY] [DSA 3214-1] mailman security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3214-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 06, 2015 http://www.debian.org/security/faq -...